GrantedAuthority xref

View Javadoc

1   /* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
2    *
3    * Licensed under the Apache License, Version 2.0 (the "License");
4    * you may not use this file except in compliance with the License.
5    * You may obtain a copy of the License at
6    *
7    *     http://www.apache.org/licenses/LICENSE-2.0
8    *
9    * Unless required by applicable law or agreed to in writing, software
10   * distributed under the License is distributed on an "AS IS" BASIS,
11   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12   * See the License for the specific language governing permissions and
13   * limitations under the License.
14   */
15  
16  package org.springframework.security;
17  
18  import java.io.Serializable;
19  
20  import org.springframework.security.userdetails.UserDetails;
21  
22  /**
23   * Represents an authority granted to an {@link Authentication} object.
24   *
25   * <p>
26   * A <code>GrantedAuthority</code> must either represent itself as a
27   * <code>String</code> or be specifically supported by an  {@link
28   * AccessDecisionManager}.
29   * </p>
30   * 
31   * <p>
32   * Implementations must implement {@link Comparable} in order to ensure that
33   * array sorting logic guaranteed by {@link UserDetails#getAuthorities()} can
34   * be reliably implemented.
35   * </p>
36   *
37   * @author Ben Alex
38   * @version $Id: GrantedAuthority.java 2735 2008-03-16 04:02:55Z benalex $
39   */
40  public interface GrantedAuthority extends Serializable, Comparable {
41      //~ Methods ========================================================================================================
42  
43      /**
44       * If the <code>GrantedAuthority</code> can be represented as a <code>String</code> and that
45       * <code>String</code> is sufficient in precision to be relied upon for an access control decision by an {@link
46       * AccessDecisionManager} (or delegate), this method should return such a <code>String</code>.<p>If the
47       * <code>GrantedAuthority</code> cannot be expressed with sufficient precision as a <code>String</code>,
48       * <code>null</code> should be returned. Returning <code>null</code> will require an
49       * <code>AccessDecisionManager</code> (or delegate) to  specifically support the <code>GrantedAuthority</code>
50       * implementation,  so returning <code>null</code> should be avoided unless actually  required.</p>
51       *
52       * @return a representation of the granted authority (or <code>null</code> if the granted authority cannot be
53       *         expressed as a <code>String</code> with sufficient precision).
54       */
55      String getAuthority();
56  }